IMAGINE THAT your friendly local mail carrier, before delivering a letter for you, decides to steam it open and read its contents. An outrageous and illegal infringement on your privacy, obviously. But a federal appeals court in Boston has just permitted an Internet service provider to engage in exactly this kind of snooping when the message is sent in cyberspace rather than by snail mail. This ruling is an unnecessarily cramped parsing of a law that Congress meant to guard, not eviscerate, the privacy of communications. The Justice Department, whose prosecution of the ISP executive was thrown out by the appeals court, should seek a review of the ruling. If that doesn't work -- if the federal wiretapping law has been outpaced by the technology it was supposed to regulate -- Congress should quickly step in to fix the glitch.
The wiretapping law makes it a crime to intentionally intercept "any wire, oral, or electronic communication." This language dates to 1986, when e-mail was at an embryonic stage but Congress, in an effort to account for and anticipate that and other technological changes, enacted the Electronic Communications Privacy Act.
The appeals court, however, ruled that opening and reading e-mails isn't covered by the wiretapping law because the messages weren't actually intercepted, as the law defines that term, but were, rather, in "electronic storage" and therefore covered by another, looser law. That finding stems from the peculiar nature of e-mail transmission, in which messages are briefly stored as they're transmitted from computer to computer. As the court itself acknowledged, that would leave little privacy for e-mail: "It may well be that the protections of the Wiretap Act have been eviscerated as technology advances."
In practical terms, the implications of the ruling are perhaps more troubling for the restraints it lifts on law enforcement than for the theoretical leeway it gives service providers to copy and read e-mails. The facts of the case were unusual: A small online company that sold out-of-print books and also provided free e-mail service wanted to peek at Amazon.com's sales strategy and copied all of Amazon's messages to the smaller company's customers. Mainstream ISPs have policies that eschew such spying, and the customer backlash that would ensue if they engaged in similar practices would probably deter them from doing so. But the ruling highlights the need for stringent privacy policies in which customers give clear -- and informed -- consent.
Of more concern, the case could make it far easier for law enforcement agents to engage in real-time monitoring of e-mail and similar traffic, like instant messaging, without complying with the strict rules applied to wiretaps. Under this reading of the law, agents would still need to show probable cause to obtain search warrants from a judge. But they wouldn't have to hew to the more exacting requirements of the wiretap law.
E-mail has become too ubiquitous, too central a facet of modern life, for this ruling to stand.